MikroTik Product Security Update Advisory (CVE-2024-2169)

Overview

 

MikroTik has made available an update that addresses a vulnerability in its product. Users of affected versions are advised to update to the latest version.

 

Affected Products

 

RouterOS versions prior to 7.13.2

 

Resolved Vulnerabilities

 

Denial of Service (DoS) vulnerability in MikroTik’s RouterOS TFTP service (CVE-2024-2169) [1] [2]

 

Vulnerability Patches

 

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to a patched version.

RouterOS 7.13.2 or later
RouterOS 7.14 beta6 versions

 

Referenced Sites

 

[1] Implementations of UDP-based application protocols are vulnerable to network loops

https://kb.cert.org/vuls/id/417980

[2] CVE-2024-2169

https://www.cve.org/CVERecord?id=CVE-2024-2169

[3] Upgrading RouterOS

https://mikrotik.com/download